package com.aop;

import com.model.FrontUser;
import com.model.response.Response;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.servlet.http.HttpServletRequest;

// 鉴权AOP
@Aspect
@Component
@Order(1)
public class AuthAspect {

    @Around("@annotation(com.auth.FrontUserIsLoginAuth)")
    public Object checkFrontUserLogin(ProceedingJoinPoint proceedingJoinPoint) throws Throwable {
        HttpServletRequest request =((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
        FrontUser user = (FrontUser) request.getSession().getAttribute("front_user");
        if(user == null) return Response.Denied("用户未登陆, 无权限访问该接口!");
        return proceedingJoinPoint.proceed();
    }

}
